Really Simple Security logo

Log out
Get PRO

Latest

Authentication vulnerability in MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard 2.0.9.2

  • Severity: critical
  • Status: Fixed
  • Publication: March 9, 2015

The MainWP Child WordPress Manager Dashboard plugin for WordPress is vulnerable to an authentication bypass in versions up to 2.0.9.1. This means that if an attacker knows the username of the account, they can gain access to the account without needing to provide any credentials. This includes administrator-level accounts.

Detected in:

MainWP Child – Securely Connects Sites to the MainWP WordPress Manager Dashboard fixed vulnerable versions: >= * < 2.0.9.2
MainWP Child – Securely Connects to the MainWP Dashboard to Manage Multiple Sites fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.